Configuration Examples‎ > ‎HP / HPE‎ > ‎Comware v7‎ > ‎

Comware 7 Policy Based Routing - PBR

How to configure policy based routing (PBR) on an HP Comware 7 Switch


The setup is identical to my Provision guide see the picture below.




The router in the picture above (.254) has a default gateway of 2.2.2.1. However, I want traffic sourced from the 192.168.10.0 to.


1. Only use the switches default gateway for any traffic to 10.0.0.0/8
2. Use 1.1.1.1 (the firewall) for any traffic to the internet.

Configuration Steps


Create a PBR Node called CUSTOMER01-PBR, and match it on ACL 3001 - note the 'deny' statement.

policy-based-route CUSTOMER01-PBR deny node 10
 if-match acl 3001
quit


Create a PBR Node called CUSTOMER01-PBR, and match it on ACL 3002 - note the 'permit' statement, and the new next hop

policy-based-route CUSTOMER01-PBR permit node 11
 if-match acl 3002
 apply next-hop 1.1.1.1
 quit

Now create the ACL's - this first ACL matches on any internal traffic to 10.0.0.0/8 or 192.168.0.0/16

acl number 3001 name CUSTOMER01-PBR-INTERNAL-TRAFFIC
 rule permit ip source 192.168.10.0 0.0.0.255 destination 10.0.0.0 0.255.255.255
 rule permit ip source 192.168.10.0 0.0.0.255 destination 192.168.0.0 0.0.255.255

All other networks (including 172.16.0.0/12 - so make sure you don't need that network internally!)

acl number 3002 name CUSTOMER01-PBR-EXTERNAL-TRAFFIC
 rule permit ip destination 0.0.0.0 255.255.255.255


And here's where the magic happens, apply the PBR to the VLAN interface.

interface vlan 10
ip policy-based-route CUSTOMER01-PBR

Note you can also apply this to an actual switchport interface if you prefer.

interface Gi1/0/10
ip policy-based-route CUSTOMER01-PBR